Audit environment and debugging functions
Audit environment
Test environment
Common integrated environments: phpStudy, WampServer
# Note: under different operating systems, the results of a vulnerability test may also differ
PHP Authoring Tools
EditPlus
Notepad++
Code Auditing Tools
Seay
Code Audit Platform
DVWA (Note: Under Windows, you need to change the password in the configuration file to empty)
ZVulDrill (Note: You need to re-import the database file)
Vulnerability verification aids
Burp Suite
Browser extensions (Hack Bar, Firebug, Modify)
Regular Debugging Tools
SQL Execution Monitoring Tool
Common debugging functions
echo: output function, commonly used to print variable values or to check which branch the program has reached when you are not sure; used the same way as print()
print_r(): outputs array and object data, typically used when inspecting the return value of an interface or variables whose contents you are not sure of. To capture the output of print_r(), use the return parameter
var_dump(): prints information about a variable, including its data type
var_export(): outputs or returns a string representation of a variable, which can be used directly in an assignment. # Note: it outputs NULL for a variable of the resource type
debug_zval_dump(): output is similar to var_dump(), and it also records how many times a variable has been referenced (an important feature of PHP's copy-on-write mechanism)
exit(): quit function, terminates execution of the page
The difference between a single quote and a double quotation mark
Double quotes parse variables and special characters (so you need to escape them when you mean literal text)
Single quotes do not parse variables; all characters inside them are just text
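The debugging functions and quoting rules listed above, combined in an added example that is not part of the original page. The helper name audit_trace(), its log file name and the $params array are hypothetical and constructed for illustration.

```php
<?php
// Added example: hypothetical helper that records a value three ways
// in a log file, so tracing does not depend on the page's own output.
function audit_trace(string $label, $value, ?string $log = null): string
{
    $log = $log ?? sys_get_temp_dir() . '/audit_trace.log'; // assumed path
    // print_r() returns its text when the return parameter is true.
    $readable = print_r($value, true);
    // var_dump() has no return parameter; buffer it to keep the type info.
    ob_start();
    var_dump($value);
    $typed = ob_get_clean();
    // var_export() with return=true gives a string that is valid PHP.
    $exported = var_export($value, true);
    $entry = "[{$label}]\nprint_r: {$readable}\nvar_dump: {$typed}var_export: {$exported}\n";
    file_put_contents($log, $entry, FILE_APPEND | LOCK_EX);
    return $entry;
}

// Constructed sample input standing in for request parameters.
$params = ['id' => '1', 'debug' => false];

// Mark which branch the program reaches.
if (is_numeric($params['id'])) {
    echo audit_trace('numeric branch', $params);
} else {
    echo audit_trace('non-numeric branch', $params);
    exit(); // stop the page here while inspecting this branch
}

// A resource cannot be exported: var_export() yields NULL for it,
// while var_dump() still reports the resource type.
$fh = fopen('php://memory', 'r');
echo audit_trace('resource', $fh);
fclose($fh);

// Reference counts as seen by debug_zval_dump() (output varies by PHP version).
$copy = $params;
debug_zval_dump($params);

// Double quotes interpolate $name and \n; single quotes keep both as text.
$name = 'admin';
echo "double: user=$name\n";
echo 'single: user=$name\n', PHP_EOL;
```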
PHP Code Audit 1-Audit environment and debug function